[dns-operations] New OARC Chat Platform

Keith Mitchell keith at dns-oarc.net
Tue Aug 25 13:12:02 UTC 2020

On 8/25/20 4:26 AM, Ondřej Surý wrote:
> The details has been provided on OARC members list, so I’ll let
> Keith and Matt to decide the level of detail to provide, but the
> service is being hosted by a professional organization and is subject
> to confidentiality agreement. OARC Mattermost (the software) is not 
> being run by OARC staff.

Thanks everyone who has pointed out that to some extent this discussion
is a bikeshed - there are many, many chat platforms out there, and it's
simply impossible to choose one that's going to satisfy everyone. It was
clear however that our existing jabber platform was satisfying fewer and
fewer people, and that we needed to replace it with something more
modern and appealing.

A major consideration on adopting an open platform like Mattermost vs a
closed proprietary platform like Slack are the specific requirements in
the OARC Participation Agreement for sharing information collectively
between OARC Members on a confidential basis.

Slack logs everything, and the only confidentiality guarantees you get
are their standard click-through contract. Once you are signed up the
relationship is sticky and hard to migrate away from should there be issues.

The other downside of Slack is the cost - even with nonprofit discount
on their service, for our community of 300+ users, the managed
Mattermost solution was vastly cheaper. We can scale Mattermost without
having to worry about pay-per-play on users/team/channels/messages.

Using an open-source platform allows us the *choice* of self-hosting vs
outsourced, and our own Member Participation Agreement-compliant
policies on confidentiality and retention. While these may be stronger
than is required for an open community platform, it does not make sense
to run different platforms for Members vs everyone else.

I'll be the first to admin that OARC's systems engineering resources are
over-stretched, and that's why we took the decision to outsource this
service, which has successfully given us one less arcane thing to
manage. The out-sourcing agreement is with Mythic Beasts, a UK-based
cloud provider who offer managed Mattermost to other customers. As part
of the service agreement, Mythic signed up as OARC Supporters, which
binds them and the service to the same collective confidentiality terms
as OARC Members are bound by.

There's also many other organizations in our space using Mattermost
already (e.g. CAIDA, EFF, ISC, Mozilla,...), and it feels like good
company to keep.

Finally, now that we've moved to an openly-available platform, we have
the flexibility to keep that outsourced, change providers, or in-source
as appropriate, should we decide to do so in future.


>> On 25. 8. 2020, at 8:19, Doug Barton <dougb at dougbarton.email> 
>> wrote:
>> Is this something that OARC is operating and maintaining, or is it 
>> something that you're acting as a conduit for? The former would be 
>> included in my definition of "rolling your own." Are there 
>> seriously no existing communications platforms anywhere that 
>> provide adequate security?
>> I don't intend this as armchair quarterbacking, I'm looking at it 
>> from the standpoint of whether or not putting resources into OARC 
>> is a good investment. Certainly the people involved, and the 
>> intentions of those people, are top notch. But without good 
>> decision making to support those intentions it's hard to justify 
>> contributing additional resources. Of course, that's just my 
>> opinion, and I hope that I'm wrong.
>> On 8/24/20 10:00 PM, Ondřej Surý wrote:
>>> Doug, that’s *exactly* what OARC is doing. It’s not rolling
>>> “own” platform, it’s using existing platform that many existing
>>> teams are using as a communication platform. The added
>>> requirement for choosing a chat platform was a strong data
>>> protection. This is something that centralized platform (like
>>> Slack) can’t offer. Mattermost is a solid competitor on the
>>> market and I am glad that OARC moved away from Jabber both as a
>>> board member and OARC member.

>>>> While I think it's great that you're offering this service, I 
>>>> can't help asking why you're rolling your own instead of 
>>>> utilizing any of the many chat services that already exist? 
>>>> Slack comes immediately to mind, but it's far from the only 
>>>> commonly used platform at the moment.

More information about the dns-operations mailing list